Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Trailrunner7 writes "A researcher has published an explanation of a new flaw in FreeBSD that allows a remote attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The vulnerability lies in run-time link-editor and, if exploited, gives an attacker the ability to run arbitrary code. The researcher, Kingcope, has posted an explanation of the flaw on the Full Disclosure mailing list. In a message to FreeBSD users, Colin Percival, the project's security officer, said that because of the severity of the flaw and the fact that exploit code already is available, he felt it was necessary to post the patch as soon as possible, without even publishing a security advisory."

...and it seems simple enough. Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root. Are those just inherited; do you still need root access to build the FreeBSD user-space? (I honestly don't know; haven't used FreeBSD since the abortion that was 5.x. NetBSD, which is what I use for BSD these days, you can build everything as a regular user.)

Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root.

The environment is inherited *at run time*, not during compilation. And the problem was in the code that tried to unset these variables before loading the executable file: it was failing if the environment was corrupt. With the patch, it detects this and aborts.